A spyware traced to an Israeli intelligence firm has injected vulnerabilities into WhatsApp’s phone call function on iPhone and Android devices.
Attackers used the malicious agent to transmit private user data by calling the user and infecting the call whether or not the call was picked-up, according to the Financial Times which broke the news on Monday night.
Oftentimes, the spyware would erase incoming calls register, making it more difficult for users to detect.
WhatsApp, owned by Facebook and used by more than 1.5 billion people, has advised users to immediately upgrade to its latest version which contains a new patch that fixed the vulnerability. An additional update was published on Monday.
The company first detected the problem last week and quickly addressed it with its internal infrastructure. It also notified the United States Department of Justice of the breach, Financial Times reported.
As part of urgent measures to contain the breach and prevent further theft of user data, a ‘CVE’ advisory was also released for cybersecurity experts on Monday, informing them about the devices that were worse hit.
WhatsApp did not immediately disclose the extent of damage already caused by the spyware.
“The attack has all the hallmarks of a private company reportedly that works with governments to deliver spyware that takes over the functions of mobile phone operating systems,” WhatsApp said in a statement. “We have briefed a number of human rights organisations to share the information we can and to work with them to notify civil society.”
The Israeli-based NSO, which Financial Times identified as responsible for the attach, denied the allegations in a statement on Monday, saying it was investigating the matter.
“NSO would not, or could not, use its technology in its own right to target any person or organisation, including this individual,” it said to the Financial Times. The organisation often limits sales of its spyware, Pegasus, to state intelligence agencies.
The spyware’s capabilities are widely deemed virulent by experts. It could extract all of the data already on any targeted device, including text messages, contacts, GPS location, email, browser history.
WhatsApp has been widely popular across the world for its easy-to-use interface and and end-to-end encryption. Journalists, activists and dissidents have become comfortable with the application’s communication guarantees, and WhatsApp said the Israeli spyware did not affect the encryption functionality.
